feat: WireGuard endpoint override + fix Docker network label issue
Unit Tests / test (push) Successful in 11m14s
Unit Tests / test (push) Successful in 11m14s
Endpoint override: - Add PUT /api/wireguard/endpoint to set endpoint_override in identity config; GET returns detected, override, and effective endpoints - _effective_endpoint() helper applies override in peer config generation (wireguard.py and peer_dashboard.py); detected IP still shown in UI - Add Endpoint Override input in WireGuard page — solves the common case where auto-detected IP is a gateway/VPS but peers connect via LAN IP Docker cell-network fix: - Declare cell-network external in docker-compose.yml; Docker Compose v5 enforces label ownership and rejects networks created by older versions - Makefile start/update pre-create cell-network idempotently - reinstall/uninstall(full) explicitly delete and recreate the network - Fix uninstall loop path: data/api/services/ (not data/services/) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
+46
-4
@@ -4,6 +4,20 @@ from flask import Blueprint, request, jsonify
|
||||
logger = logging.getLogger('picell')
|
||||
bp = Blueprint('wireguard', __name__)
|
||||
|
||||
|
||||
def _effective_endpoint(wireguard_manager, config_manager) -> str:
|
||||
"""Return the WireGuard endpoint to embed in peer configs.
|
||||
|
||||
Uses wireguard_endpoint from identity config when set (admin override),
|
||||
falling back to get_external_ip() detection.
|
||||
"""
|
||||
srv = wireguard_manager.get_server_config()
|
||||
override = (config_manager.get_identity().get('wireguard_endpoint') or '').strip()
|
||||
if override:
|
||||
port = srv.get('port', 51820)
|
||||
return override if ':' in override else f'{override}:{port}'
|
||||
return srv.get('endpoint') or '<SERVER_IP>'
|
||||
|
||||
@bp.route('/api/wireguard/keys', methods=['GET'])
|
||||
def get_wireguard_keys():
|
||||
try:
|
||||
@@ -171,8 +185,8 @@ def get_peer_config():
|
||||
|
||||
server_endpoint = data.get('server_endpoint', '')
|
||||
if not server_endpoint:
|
||||
srv = wireguard_manager.get_server_config()
|
||||
server_endpoint = srv.get('endpoint') or '<SERVER_IP>'
|
||||
from app import config_manager
|
||||
server_endpoint = _effective_endpoint(wireguard_manager, config_manager)
|
||||
|
||||
allowed_ips = data.get('allowed_ips') or None
|
||||
if not allowed_ips and registered:
|
||||
@@ -198,12 +212,40 @@ def get_peer_config():
|
||||
@bp.route('/api/wireguard/server-config', methods=['GET'])
|
||||
def get_server_config():
|
||||
try:
|
||||
from app import wireguard_manager
|
||||
return jsonify(wireguard_manager.get_server_config())
|
||||
from app import wireguard_manager, config_manager
|
||||
cfg = wireguard_manager.get_server_config()
|
||||
cfg['endpoint_override'] = (config_manager.get_identity().get('wireguard_endpoint') or '').strip()
|
||||
cfg['effective_endpoint'] = _effective_endpoint(wireguard_manager, config_manager)
|
||||
return jsonify(cfg)
|
||||
except Exception as e:
|
||||
logger.error(f"Error getting server config: {e}")
|
||||
return jsonify({"error": str(e)}), 500
|
||||
|
||||
@bp.route('/api/wireguard/endpoint', methods=['GET'])
|
||||
def get_wireguard_endpoint():
|
||||
try:
|
||||
from app import wireguard_manager, config_manager
|
||||
return jsonify({
|
||||
'endpoint_override': (config_manager.get_identity().get('wireguard_endpoint') or '').strip(),
|
||||
'detected_endpoint': wireguard_manager.get_server_config().get('endpoint'),
|
||||
'effective_endpoint': _effective_endpoint(wireguard_manager, config_manager),
|
||||
})
|
||||
except Exception as e:
|
||||
logger.error(f"Error getting wireguard endpoint: {e}")
|
||||
return jsonify({"error": str(e)}), 500
|
||||
|
||||
@bp.route('/api/wireguard/endpoint', methods=['PUT'])
|
||||
def set_wireguard_endpoint():
|
||||
try:
|
||||
from app import config_manager
|
||||
data = request.get_json(silent=True) or {}
|
||||
override = (data.get('endpoint_override') or '').strip()
|
||||
config_manager.set_identity_field('wireguard_endpoint', override)
|
||||
return jsonify({'endpoint_override': override, 'ok': True})
|
||||
except Exception as e:
|
||||
logger.error(f"Error setting wireguard endpoint: {e}")
|
||||
return jsonify({"error": str(e)}), 500
|
||||
|
||||
@bp.route('/api/wireguard/refresh-ip', methods=['GET', 'POST'])
|
||||
def refresh_external_ip():
|
||||
try:
|
||||
|
||||
Reference in New Issue
Block a user